Check: 5.098
Win7 Audit:
5.098
(in version v1 r16)
Title
TCP data retransmissions are not controlled. (Cat III impact)
Discussion
In a SYN flood attack, the attacker sends a continuous stream of SYN packets to a server, and the server leaves the half-open connections open until it is overwhelmed and is no longer able to respond to legitimate requests.
Check Content
Fix Text
Configure the policy value for Computer Configuration -> Windows Settings -> Security Settings -> Local Policies -> Security Options -> “MSS: (TcpMaxDataRetransmissions) How many times unacknowledged data is retransmitted (3 recommended, 5 is the default)” to “3” or less.
Additional Identifiers
Rule ID: SV-25077r1_rule
Vulnerability ID: V-4438
Group Title: TCP Data Retransmissions
Expert Comments
Expert comments are only available to logged-in users.
CCIs
CCIs tied to check.
| Number | Definition |
|---|---|
| No CCIs are assigned to this check |
Controls
Controls tied to check. These are derived from the CCIs shown above.
| Number | Title |
|---|---|
| No controls are assigned to this check |